» wiupdat.exe
Overview
Analysis
File Details

wiupdat.exe

TestDDCCI Application

The executable wiupdat.exe, “TestDDCCI MFC Application” has been detected as malware by 24 anti-virus scanners.

File name:

wiupdat.exe

Product:

TestDDCCI Application

Description:

TestDDCCI MFC Application

Version:

1.0.0.1

MD5:

11fa9c7c013f545aae8f8220a612a215

SHA-1:

c55c873ca60060d44560e89b2f9c9558158b3053

SHA-256:

3740fd3e466883280b20e7a581ad111ed6d5ab202e329e04a1f4e0bdc8d85a4f

Scanner detections:

24 / 68

Status:

Malware

Analysis date:

4/25/2024 7:37:50 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.1855780

804

Agnitum Outpost

Trojan.Tinba

7.1.1

Avira AntiVirus

TR/Crypt.ZPACK.97417

7.11.174.250

avast!

Win32:Malware-gen

2014.9-141122

AVG

Pakes

2015.0.3282

Baidu Antivirus

Trojan.Win32.Yakes

4.0.3.141122

Bitdefender

Trojan.GenericKD.1855780

1.0.20.1630

Emsisoft Anti-Malware

Trojan.GenericKD.1855780

8.14.11.22.07

ESET NOD32

Win32/Tinba.AW

8.10475

Fortinet FortiGate

W32/Tinba.AW!tr

11/22/2014

F-Secure

Trojan.GenericKD.1855780

11.2014-22-11_7

G Data

Trojan.GenericKD.1855780

14.11.24

IKARUS anti.virus

Trojan.Win32.Tinba

t3scan.1.7.8.0

Kaspersky

Trojan.Win32.Yakes

14.0.0.2906

Malwarebytes

Trojan.Agent.ED

v2014.11.22.07

MicroWorld eScan

Trojan.GenericKD.1855780

15.0.0.978

Norman

Troj_Generic.VTXNL

11.20141122

nProtect

Trojan.GenericKD.1855780

14.09.26.01

Panda Antivirus

Trj/Chgt.G

14.11.22.07

Quick Heal

Trojan.Yakes.r4

11.14.14.00

Sophos

Mal/Generic-S

4.98

Trend Micro House Call

TROJ_GEN.R02LC0EIP14

7.2.326

Trend Micro

TROJ_GEN.R02LC0EIP14

10.465.22

VIPRE Antivirus

Trojan.Win32.Generic

33490

File size:

113.5 KB (116,224 bytes)

Product version:

1.0.0.1

Original file name:

alter.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\wiupdat.exe

File PE Metadata

Compilation timestamp:

9/10/2014 10:29:35 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

3072:xg+VLNRRXmcOkU2GdxicUNNTrJVXJzM42wB:y+XRRLOkU2G+pVS4

Entry address:

0x4BF2

Entry point:

E8, 9B, 42, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, C8, 33, 41, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 3C, 31, 41, 00, C9, C2, 08, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 00, CA, 41, 00, 89, 0D, FC, C9, 41, 00, 89, 15, F8, C9, 41, 00, 89, 1D, F4, C9, 41, 00, 89, 35, F0, C9, 41, 00, 89, 3D... 
[+]

Code size:

72 KB (73,728 bytes)

Remove wiupdat.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.